Some programmers are constantly creating new threats such as by circumventing traditional network firewalls and intrusion detection systems. Further, such programmers appear to be attacking web applications directly through encrypted secure socket layer (SSL) sessions. Such attacks to websites and/or web applications, of course, can negatively affect business reputation, regulatory compliance, and continuity. The cost of web application security breaches can be very high and in some cases incalculable as breaches can reach across enterprises through every line of business, even affecting enterprise-customer relationships in some instances.
In some enterprises, preventative vulnerability assessments are conducted periodically, such as annually, on any applications determined high exposure for breach. Such proactive measures are designed to identify particular vulnerabilities. However, other security breaches may be occurring on a much higher frequency and may not be detected absent more frequent monitoring.
Hence, a system for real-time threat monitoring, analysis and remediation is needed.